Dumb question... How's a FW going to prevent people connect to the web
port and issue this kind of Infinite HTTP request?
Unless the FW also have some kind of realtime IDS build into it to block
traffic in realtime... Am I correct?
Derek
On Thu, 8 Mar 2001, [iso-8859-1] Peter Gr�ndl wrote:
> ======================================================================
> Defcom Labs Advisory def-2001-10
>
> Websweeper Infinite HTTP Request DoS
>
> Author: Peter Gr�ndl <[EMAIL PROTECTED]>
> Release Date: 2001-03-08
> ======================================================================
[snip...]
>
> GET / HTTP/1.0
> Host: www.foo.org
> referrer: aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.................
[snip...]
>
> ---------------------------=[Workaround]=-----------------------------
> None known, the vendor suggest placing a firewall infront of the
> websweeper application.
>
